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DETAILED ACTION 
Status of Claims 

1 . This communication is in response to RCE amendment filed April 19, 2006, where 
applicant amended claims 35 and 63. Claims 35-37,40-42,44,45,47-57,63-68 are pending. 

Response to Arguments 

2. Applicant's amendments and arguments filed 4/19/2006, with respect to the rejection(s) 
of claim(s) 35-37,40-42,44,45,47-57,63-68 under 102 (e) have been fully considered and are 
persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, 
a new ground(s) of rejection is made in view of Barrett et al (US Patent No. 6,581,059). 

Claim Objections 

3. Claim 66 objected to because of the following informalities: On line 16, change 
"application further concealed. . ." to "application is further concealed". Appropriate correction 
is required. 

Claim Rejections - 35 USC § 112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

5. Claim 35 rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for faiUng 
to particularly point out and distinctly claim the subject matter which applicant regards as the 
invention. 
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6. Claim 35 recites the limitation "said access request" in line 15. There is insufficient 
antecedent basis for this limitation in the claim. There is no prior mention of an actual "access 
request" being sent. (Applicant is requested to correct any subsequent claim that contains this 
occurrence). 



Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

8. Claims 35-41,43-47,53,57-59,61,63,65,66 and 67 rejected under 35 U.S.C. 102(e) as 
being anticipated by Barrett et al (US Patent No 6,581,059). 

9. In reference to claims 35,58,63 and 66, Barrett teaches a system, a personal profile 
control network and a method for distributing and maintaining end-user personal profile data in a 
data communications system, said system providing communication between applications using 
said personal profile data, the system comprising: 

a central protection server storing personal protection profile information, wherein said 
personal protection profile information stored information for a particular user as to which 
personal profile data associated with said particular user is accessible by which particular 
application (column 5 lines 20-45 and column 6 lines 20-65); 
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a requesting application for requesting access to certain personal profile data associated 
with a particular user, said user being identified by a first user identity (column 6 lines 19-25); 

an information providing application storing said certain personal profile data associated 
with said user wherein said certain personal profile data are stored separately from said central 
protection server storing said personal protection profile information (figure 1 and column 6 
lines 20-65); 

wherein said central protection server receives said access request for said certain 
personal profile data from said requesting application and grants or rejects said request by 
evaluating the associated personal protection profile information for said particular user (column 
3 lines 30-67); 

wherein said requesting application requests said certain personal profile data from said 
information providing application in response to said central protection server granting said 
access request (column 3 lines 30-67 and column 6 lines 40-67). 

10. In reference to claim 36, Barrett teaches the system according to claim 35, wherein there 
is one access means for each of said requesting application and said information providing 
application (column 6 lines 1-35). 

11. In reference to claim 37, Barrett teaches the system according to claim 35, wherein said 
central protection server provides a second user identity to the requesting application in response 
to said access request being granted, wherein said second user identity identifies the user within 
said information providing application and wherein said requesting application requests said 
certain personal profile data from said information providing application using said second user 
identity (column 7 line 45 - column 8 line 35). 
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12. In reference to claim 40, Barrett teaches the system according to claim 35, wherein the 
personal protection profile information are assigned one of a number of security levels, a lowest 
security level indicating that all personal profile data access is prevented for every application, 
and a highest security level indicating that all personal profile data is freely available (column 6 
lines 15-60). 

13. In reference to claims 41 and 59, Barrett teaches the system according to claims 36 and 
58, wherein an interface between said requesting application and said respective access means 
comprises an Application Programmable Interface based on a generic markup language (column 
6 lines 1-35). 

14. In reference to claim 43, Barrett teaches the system according to claim 41, wherein access 
to requested end-user personal profile data is granted or rejected by the central server in 
communication with the requesting application (Summary and column 6 lines 40-67). 

15. In reference to claims 44 and 64, Barrett teaches the system according to claims 35 and 
63, wherein access to said requested personal profile data is granted or rejected by the central 
server in communication with the information providing application (Summary and column 6 
lines 40-67). 

16. In reference to claims 45 and 65, Barrett teaches the system according to claims 35 and 
63, wherein access to said requested personal profile data is granted or rejected by the central 
server in communication with the requesting application and the information providing 
application (Summary and column 6 lines 40-67). 
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17. In reference to claim 47, Barrett teaches the system according to claim 36, wherein user 
identity translating means are provided in the access means of the requesting application (column 
7 Hne 45 - column 8 line 35). 

18. In reference to claims 53 and 67, Barrett teaches the system according to claims 36 and 
66, wherein the access means of the information requesting or providing application includes 
means for encrypting the user identity (column 7 line 34 - column 8 line 30). 

19. In reference to claim 57, Barrett teaches the system according to claim 35, wherein at 
least some of the applications include respective cache memory for temporarily holding 
information about access requests, and a previously used session can be reused at least for a 
given time period (column 7 lines 1-35). 

Claim Rejections - 35 USC § 103 

20. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

21. Claims 42,48-51 and 60 rejected under 35 U.S.C. 103(a) as being unpatentable over 
unpatentable over Barrett (US Patent No 6,581,059) in view of Weschler (US Patent No 
6,757,720). 

22. In reference to claims 42 and 60, Barrett teaches the system according to claims 41 and 
59, including HTML (column 8 lines 34-40). Barrett fails to explicitly teach wherein the generic 
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markup language is XML. However, Weschler does teach managing profile data via a profile 
service engine (Abstract and column 4 lines 45-67). Weschler discloses using a markup 
language such as XML for the usefulness of it dynamic formatting capabilities (column 8 lines 
20-40 and column 9 lines 50-67). 

It would have been obvious for one of ordinary skill in the art to modify Barrett by 
making the markup language as XML as per the teachings of Weschler for the usefulness of it 
dynamic formatting capabilities. 

23. In reference to claim 48, Barrett teaches the system according to claim 35. Barrett fails to 
explicitly teach wherein a general Document Type Definition (DTD) is defined to allow flow of 
personal data between said requesting application and said information providing application. 
However, Weschler teaches managing profile data via a profile service engine (Abstract and 
column 4 lines 45-67). Weschler discloses DTD's for authenticating request messages (column 
9 lines 50-67 and column 16 lines 18-65). 

It would have been obvious for one of ordinary skill in the art to modify Barrett by giving 
DTD's for data flow as per the teachings of Weschler since it is a structure of markup languages 
for providing authentication. 

24. In reference to claim 49, Barrett teaches the system according to claim 48. Barrett fails to 
explicitly teach wherein for each user a specific user DTD agreement is given (Weschler , 
column 9 lines 50-67 and column 16 lines 18-65). 

25. In reference to claim 50, Barrett teaches the system according to claim 36. Barrett fails to 
explicitly teach wherein said access request for said personal profile data is transported from the 
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requesting application to its access means using Remote Method Invocation (RMI) (Weschler , 
column 8 lines 25-67). 

26. In reference to claim 5 1 , Barrett teaches the system according to claim 50. Barrett fails to 
explicitly teach wherein the request is transported as an XML transport object tagged with 
information about the requested end-user personal profile data (Weschler , column 8 lines 20-40 
and column 9 lines 50-67). 

27. Claim 52 rejected under 35 U.S.C. 103(a) as being unpatentable over unpatentable 
over Barrett (US Patent No 6,581,059) in view of Hoyle (US Patent No 6,771,290). 

Barrett teaches the system according to claim 36, using HTTP and other protocols 
including secure protocols (column 5 and column 9 lines 15-35). Barrett fails to explicitly teach 
wherein an HTTPS protocol is used for communication between the access means of the 
requesting or information holding application and the central protection server. However, 
"Official Notice" is taken wherein HTTPS is a well-known security protocol for communication 
over HTTP, as is taught by Hoyle (column 12 lines 5-15). 

It would have been obvious for one of ordinary skill in the art to modify Barrett by 
making the HTTP communication into HTTPS protocol as per the teachings of Hoyle for the 
purpose of secure communication over HTTP. 

28. Claims 54-56,61,66 rejected under 35 U.S.C. 103(a) as being unpatentable over 
unpatentable over Barrett (US Patent No 6,581,059) in view of Hind et al (US Patent No 
6,826,690). 
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29. In reference to claims 54,62 and 68, Barrett teaches the system according to claims 36,61 
and 66. Barrett fails to explicitly teach wherein the request is digitally signed with at least one of 
a private key of the access means of the requesting application and a private key of the access 
means of the information providing application. However, Hind teaches generating a digital 
signature for a request using a servers private key for secure communication purposes (Summary 
and column 13 lines 30-60). 

It would have been obvious for one of ordinary skill in the art to modify Barrett wherein 
the request is digitally signed with at least one of a private key of the access means of the 
requesting application and a private key of the access means of the information providing 
application as per the teachings of Hind for the purpose of secure participation of entities in 
communication. 

30. In reference to claim 55, Barrett teaches the system according to claim 54, wherein the 
request is digitally signed with a private key of the central protection server, and a digital 
signature of the access means are verified in the central protection server (Hind, Summary and 
column 13 lines 30-60). 

31. In reference to claim 56, Barrett teaches the system according to claim 55, wherein the 
central server means comprises means for encrypting at least the second user identity used by the 
information providing application (Hind, Summary and column 13 lines 30-60). 
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Conclusion 

32. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Patent No US006647384B25 Gilmour teaches managing user profiles and authorizing 
access to the profiles. 

Patent Publication No US 20020143961 Al, Siegel et al, teaches access control 
capabilities to customer profiles. 

Patent No US006820204B1, Desai et al, teaches selectively sharing information over the 
Internet. 

Patent No US007003546B1, Cheah teaches a method of controlled distribution of 
information over a network. 

Patent No US006275824B1, O'Flaherty et al, teaches managing data privacy in a 
database system. 

Patent No US006944669B1, Saccocia teaches sharing personal information with 
websites. 

Patent No US005761662A, Dasan teaches retrieving information based on a user profile. 

Any inquiry concerning this communication or earlier communications fi*om the 
examiner should be directed to Ramy M. Osman whose telephone number is (571) 272-4008. 
The examiner can normally be reached on M-F 9-5. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on (571) 272-4001. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



RMO 

July 10, 2006 
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